Women and AI: Reflecting bias or reinforcing inequality?

Ask an image-generation model to create a CEO, a software engineer, or a successful entrepreneur, and chances are the result will be male. Ask for a nurse, a personal assistant, or a caregiver, and a woman is far more likely to appear.

Such outputs have fuelled growing concerns about gender bias in AI and the broader relationship between women and synthetic intelligence. Yet a more complicated question lies beneath the surface: are AI systems creating these stereotypes, or are they simply learning them from society?

AI learns patterns, not values 

AI is not neutral; it learns from historical and social data. From books and news archives to websites, social media posts, and workplace statistics, modern AI systems are trained on enormous quantities of human-generated content. If society has historically associated men with leadership and women with caregiving, AI is likely to learn those associations as statistical patterns. The real challenge emerges when these patterns are reproduced millions of times every day, shaping perceptions of what is normal, expected, or achievable.

The debate surrounding gender bias in AI is therefore not only about technology. It is also about how existing inequalities are translated into digital systems and whether AI ultimately reinforces or challenges them. 

Women and AI, gender bias
image via Magnific

How AI systems learn and reproduce gender bias

AI has often been portrayed as objective, rational, and free from human prejudice. Reality is more complicated. Machine learning models do not distinguish between desirable and undesirable social patterns. Their purpose is to identify relationships within data and use them to make predictions or generate outputs.

A landmark 2017 study published in Science demonstrated that AI language models learned many of the same implicit biases found among humans. Researchers discovered that word associations frequently linked men with careers, science, and leadership, while women were more closely associated with family and domestic roles. Importantly, the systems were not instructed to adopt these views. They simply learned them from the data available to them.

From a machine-learning perspective, stereotypes are not recognised as stereotypes. They are recognised as recurring patterns.

That distinction matters. AI does not understand concepts such as fairness, equality, or discrimination. It understands probabilities. If particular associations dominate books, websites, news reports, and online discussions, AI systems are likely to absorb those associations and reproduce them in their outputs.

Much of the discussion about women and AI begins here. Gender bias in AI is often less a product of malicious design and more a reflection of the social realities embedded in training data.

Women and AI, gender bias
image via Magnific

How AI amplifies gender stereotypes and inequality

Many experts argue that AI acts as a mirror of society. In some respects, that assessment is correct. If men currently occupy a majority of senior corporate leadership positions, the AI model that frequently depicts CEOs as male may simply be reflecting existing labour-market realities.

However, reflection is only part of the story.

Historically, stereotypes have spread through institutions, media, education systems, and interpersonal interactions. AI introduces a new dynamic because it operates at a scale no individual human can match. Search engines, recommendation systems, chatbots, virtual assistants, and generative AI platforms interact with millions of users simultaneously.

The concern, therefore, is not that AI can be biassed. Humans have always been biassed. The concern is that AI can replicate and distribute those biases with unprecedented speed, consistency, and reach.

A stereotype expressed by one individual has limited influence. A stereotype repeated by an algorithm millions of times can gradually shape expectations about who belongs in positions of authority, innovation, or expertise.

Questions surrounding AI and gender equality extend beyond technical accuracy. Even if an AI system reflects current realities, repeated exposure to those realities may reinforce the perception that they are natural, inevitable, or desirable.

Women and AI, gender bias
image via Magnific

How AI systems portray women and gender roles

Evidence of gender stereotypes in AI has appeared across a wide range of technologies.

Image-generation systems have repeatedly associated women with caregiving and support roles while portraying men as executives, scientists, engineers, entrepreneurs, and political leaders. Similar patterns have emerged in language models, search algorithms, and recommendation systems.

Such outputs raise concerns because representation influences perception. When leadership, technical expertise, and innovation are consistently presented through a male lens, AI may unintentionally reinforce assumptions about gender and professional capability.

Researchers often describe this phenomenon as representational harm. Unlike direct discrimination, representational harm does not necessarily involve financial loss or exclusion from opportunities. Instead, it affects how groups are perceived in society and how individuals understand their own potential.

For younger generations growing up alongside AI-powered technologies, these representations may become part of the digital environment through which social norms are learned. AI increasingly shapes the way people search for information, discover role models, and imagine future careers. As a result, the way women are portrayed by AI systems has implications that extend far beyond the technology sector itself.

Women and AI, gender bias
image via Magnific

The gender bias feedback loop in AI 

One of the most important concepts in discussions about gender bias in AI is the feedback loop.

Society creates patterns and inequalities.

These patterns are recorded in digital data.

AI learns from that data.

AI systems reproduce these patterns in their outputs.

People consume these outputs and may internalise them.

New data is generated that reflects the same assumptions.

The cycle then repeats itself.

Viewed through this lens, AI becomes part of a system through which existing inequalities can be continuously reproduced and normalised. 

Understanding this feedback loop shifts the debate away from the simple question of whether AI is biassed. A more important question emerges: what happens when social inequalities become embedded in technologies that many people perceive as objective and trustworthy?

That question sits at the heart of contemporary debates surrounding AI ethics, responsible AI development, and digital governance.

Women and AI, gender bias
image via Magnific

Why women in AI governance and development still matter 

Discussions about gender bias in AI often focus on the underrepresentation of women in AI and the broader technology sector. While diversity remains an important issue, it should not be viewed as a simple explanation for biassed outputs.

Increasing the number of women working in AI would not automatically eliminate stereotypes from the training data. Models trained on historical information would still learn many of the same social patterns.

However, representation becomes significant at the level of governance.

Decisions about whether biassed outputs should be corrected, contextualised, or left unchanged are ultimately human decisions. Diverse teams may be better positioned to identify harms that homogeneous groups overlook and to challenge assumptions that might otherwise remain embedded in AI systems.

The importance of women in AI, therefore, extends beyond mere representation. It relates to participation in the governance structures that determine how AI is developed, evaluated, and deployed.

The questions about fairness, accountability, and responsible AI are not purely technical. They are social and political questions that require a broad range of perspectives.

Women and AI, gender bias
image via Magnific

The future of gender equality in AI 

AI is frequently described as a transformative technology, yet its most disruptive impact may not be what it creates, but what it reveals. For centuries, societies have debated equality through laws, institutions, and cultural norms. AI introduces a different form of scrutiny. By converting human behaviour into data and data into predictions, it exposes patterns that often remain invisible until they are reflected back at scale.

In that sense, debates about women and AI are not merely debates about technology. They are discussions about who gets represented in the collective knowledge, whose experiences become part of the historical record, and which assumptions are treated as facts simply because they have been repeated often enough. As societies increasingly rely on algorithms to organise information and inform decisions, the line between what is statistically common and what is socially acceptable may become one of the defining questions of the digital age.

AI may never tell society what is right. Yet by revealing the patterns embedded in human history, it is forcing a deeper question: when machines learn from us, what exactly are we teaching them?

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!

FIFA World Cup 2026 faces growing AI and cybersecurity threats

The FIFA World Cup 2026 is not only a football tournament. It is one of the largest digital security tests ever associated with a global public event.

With 48 teams, 104 matches and 16 host cities spread across the USA, Canada and Mexico, the ongoing tournament creates a vast network of stadium systems, ticketing platforms, broadcasters, hotels, transport providers, mobile applications, public Wi-Fi networks, payment systems, and connected devices.

The scale of digital interconnection is unprecedented in the history of international sport.

The Canadian Centre for Cyber Security has warned that the event will almost certainly attract cybercriminals, state-sponsored actors and other threat groups because of its visibility, infrastructure complexity, and broad supplier ecosystem.

Similar concerns have been raised by cybersecurity researchers, government agencies and intelligence analysts, all of whom view the tournament as a high-value target.

Canada warns FIFA World Cup 2026 could face cyberattacks, scams and AI-driven disinformation.

What makes the World Cup 2026 particularly significant is the growing role of AI.

AI will support crowd management, threat detection, cybersecurity operations, content moderation, logistics planning, and fan engagement. Ironically, the same technologies will provide attackers with powerful new tools to automate phishing campaigns, generate convincing deepfakes, conduct fraud operations and spread disinformation at an unprecedented scale.

Perhaps paradoxically, the result is a tournament where AI functions simultaneously as a defensive capability and an offensive weapon.

The largest entertainment attack surface in history

Cybersecurity experts have described the FIFA World Cup 2026 as the ‘largest global entertainment attack surface in history’. The description reflects not only the size of the tournament but also the complexity of its digital ecosystem.

Every match involves interactions between permanent stadium infrastructure, temporary commercial suppliers, cloud service providers, telecommunications operators, transportation networks, emergency services, broadcasters, and millions of fans. Unlike previous tournaments, many of these systems are deeply integrated through digital platforms and real-time data exchanges.

Researchers have noted that the attack surface extends far beyond FIFA’s own networks. Airlines, hotels, payment processors, media organisations, local authorities, ride-sharing platforms and tourism providers all become part of the broader security environment. A successful attack on any of these entities could create disruption that affects the tournament itself.

The Center for Strategic and International Studies (CSIS) has divided the World Cup attack surface into three layers. The first includes direct tournament infrastructure such as stadiums, ticketing systems, and broadcasting operations.

The second includes supporting infrastructure such as telecommunications networks, transportation systems and cloud providers. The third consists of millions of individual devices belonging to players, officials, journalists, sponsors and supporters.

Consequently, a cyber incident does not need to compromise FIFA directly to have significant consequences. A ransomware attack affecting a hotel chain, a denial-of-service attack against a transportation provider, or a breach of a ticketing partner could undermine public confidence and create operational disruption in multiple host cities.

AI-driven cybercrime and financial fraud

The most immediate threat facing supporters is financially motivated cybercrime. Major sporting events have historically attracted fraud schemes, but AI significantly increases their sophistication and reach.

Criminal groups are expected to exploit public interest through phishing campaigns, social engineering operations, fake ticket sales, fraudulent travel packages, malicious mobile applications and counterfeit livestreaming services.

The Canadian Centre for Cyber Security highlighted research indicating that more than 4,300 suspicious World Cup-related domains had already been identified by August 2025.

Generative AI allows attackers to produce convincing communications in multiple languages within seconds. Emails can imitate official FIFA announcements, airline notifications, hotel confirmations or ticketing updates with remarkable accuracy. AI-generated text can eliminate many of the grammatical errors that have traditionally exposed phishing attempts.

The personalisation capabilities of AI further increase effectiveness. Information gathered from social media profiles can be used to create tailored messages targeting specific individuals.

A supporter who has publicly discussed attending a World Cup match may receive a realistic-looking email containing details of a stadium, flight, or accommodation booking.

Cybersecurity researchers also warn about AI-powered chatbots designed to engage victims in extended conversations, gradually building trust before directing them towards malicious websites or fraudulent payment portals.

Such attacks represent an evolution beyond traditional phishing because they can adapt dynamically to the victim’s responses.

Deepfakes, disinformation and information warfare

One of the most significant AI-related concerns surrounding the World Cup is the potential use of deepfake technology and synthetic media.

Deepfakes can generate highly realistic audio, video, and images depicting events that never occurred. During a tournament watched by billions of people, such content could spread rapidly before verification mechanisms have time to respond.

 Ball, Football, Soccer, Soccer Ball, Sport, Adult, Male, Man, Person, Computer, Electronics, Laptop, Pc, Cup, Screen, Computer Hardware, Hardware, Accessories, Formal Wear, Tie, Monitor, Phone, Electrical Device, Microphone, Mobile Phone, Book, Publication, Blackboard, People, Face, Head, Gianni Infantino, Lionel Messi

A fabricated video appearing to show a national team manager criticising players, a fake government announcement warning of security threats, or an AI-generated recording supposedly involving FIFA officials could create confusion and damage reputations.

Even brief circulation of false information may influence public perception, financial markets, or security decisions.

Threat actors are very likely to employ AI-generated articles, images and videos during the World Cup tournament. Furthermore, state-sponsored influence operations remain possible, particularly if geopolitical tensions involving participating nations intensify.

The risk is not limited to political manipulation. Criminal groups may use deepfakes to support fraud operations, impersonate public figures or create fake emergency announcements designed to generate panic.

The speed of modern social media platforms means that misleading content can reach millions of users before fact-checking efforts can become effective.

The World Cup, therefore, represents a major test for digital information resilience. Governments, media organisations and technology platforms will need rapid verification capabilities to distinguish authentic content from increasingly sophisticated synthetic media.

Critical infrastructure and operational technology risks

The World Cup’s dependence on critical infrastructure creates another layer of cybersecurity concern.

Electricity grids, water systems, telecommunications networks, transportation infrastructure and emergency communications all support tournament operations. Any disruption affecting these systems could have consequences extending far beyond football matches.

Security researchers have warned that operational technology environments often remain less protected than traditional information technology networks. Many infrastructure systems were designed decades ago, long before cybersecurity became a primary concern.

As digital connectivity expands, vulnerabilities within such systems become increasingly attractive targets.

A cyber-attack on public transportation networks could delay tens of thousands of supporters travelling to World Cup matches. Disruptions affecting telecommunications systems could interfere with emergency coordination, media coverage and public communications.

Attacks targeting stadium access systems could create safety concerns if spectators are unable to enter or exit venues efficiently.

The multinational structure of the tournament further increases its complexity. The US, Canada and Mexico operate under different legal frameworks, cybersecurity standards and regulatory environments.

Effective protection, therefore, requires unprecedented levels of coordination between public authorities and private sector partners in the three countries.

Protecting fan data and digital identities

The FIFA World Cup generates enormous volumes of personal data. Ticket purchases, accommodation bookings, transportation arrangements, mobile applications, loyalty programmes and payment systems all collect information about supporters.

Such datasets are highly attractive to cybercriminals. Personal information can be used for identity theft, financial fraud, account takeovers or targeted phishing campaigns. The concentration of large numbers of international visitors further increases the value of collected data.

Digital ticketing systems present both opportunities and risks. While electronic tickets reduce certain forms of fraud and improve operational efficiency, they also create new attack vectors. Compromised accounts, stolen credentials and fake ticket marketplaces can all exploit digital ticketing ecosystems.

The use of biometric technologies introduces additional challenges. Facial recognition systems may be employed for security screening, venue access or identity verification. Although such technologies can improve efficiency and security, they also raise questions about privacy, consent, data retention, and oversight.

 Person, Electronics, Mobile Phone, Phone, Adult, Male, Man, Computer Hardware, Hardware, Monitor, Screen, Guard, Face, Head, Mattia De Sciglio

Maintaining public trust requires transparency regarding how personal information is collected, stored, and protected. Strong cybersecurity measures must be accompanied by clear governance frameworks and accountability mechanisms.

Online abuse and AI moderation

Cybersecurity during the World Cup extends beyond technical attacks. Online abuse, harassment and hate speech represent significant digital risks affecting players, officials and supporters.

Experience from previous tournaments illustrates the scale of the problem. FIFA reported that one in five players participating in the 2023 Women’s World Cup experienced online abuse. Through the Social Media Protection Service, nearly 117,000 comments were hidden or blocked during the competition. Almost half of the abusive messages were classified as sexist, sexual, or homophobic.

The scale of online interaction surrounding the men’s World Cup is expected to be substantially larger. Social media platforms, therefore, face significant pressure to prevent abuse while preserving legitimate expression.

Ofcom has already warned platforms about their responsibilities under the UK Online Safety Act. The regulator expects companies to maintain effective reporting systems, sufficient moderation resources and rapid responses to illegal content.

Tech companies face scrutiny during the FIFA World Cup as Ofcom monitors compliance.

AI will play a central role in content moderation efforts.

Machine learning systems can analyse vast quantities of user-generated content and identify harmful material much faster than human moderators alone. However, AI moderation remains imperfect. Algorithms may struggle with sarcasm, cultural context, local languages or rapidly evolving forms of abuse.

Balancing safety and freedom of expression will remain one of the most challenging governance issues during the World Cup.

AI as a cybersecurity enabler

Despite the risks, AI has become an essential component of modern cybersecurity strategies.

Security operations centres generate enormous volumes of alerts, logs and threat intelligence data. Human analysts alone cannot process this information effectively. AI enables organisations to identify patterns, prioritise risks, and respond more rapidly to emerging threats.

Machine learning systems can detect unusual network behaviour that may indicate malicious activity. AI tools can analyse phishing campaigns, identify fraudulent domains and uncover relationships between seemingly unrelated attacks.

cybersecyrity AI

Automated systems can isolate compromised devices and block suspicious traffic before significant damage occurs.

AI is also becoming increasingly important for threat intelligence. Security teams use machine learning models to analyse information from global threat feeds, identify emerging attack techniques and predict potential risks. During an event as large as the FIFA World Cup, such capabilities may provide critical advantages.

Beyond cybersecurity, AI supports broader security operations. Computer vision systems can monitor crowd movement, identify congestion points, and assist with emergency planning. Predictive analytics can help authorities allocate resources more effectively and improve incident response capabilities.

Nevertheless, AI should be viewed as a force multiplier rather than a replacement for human expertise. Automated systems can produce false positives, miss novel attack methods or be manipulated through adversarial techniques. Human oversight remains essential, particularly when decisions affect public safety and civil liberties.

International cooperation and long-term implications

The cybersecurity challenge facing the World Cup cannot be addressed by FIFA alone. Effective protection requires collaboration among governments, intelligence agencies, law enforcement organisations, cloud providers, telecommunications companies, stadium operators, and cybersecurity firms.

Information sharing will be particularly important. Threat intelligence must move rapidly across organisations and national borders. Attack indicators identified in one host city may become relevant to another within minutes.

 Adult, Male, Man, Person, Astronomy, Outer Space, Body Part, Hand, Globe, Planet, Handcuffs

The World Cup also serves as a preview of the future challenges facing large-scale public events. As AI becomes increasingly integrated into infrastructure, transportation, communications and security operations, future tournaments will become even more dependent on digital technologies.

The lessons learned from 2026 are therefore likely to influence cybersecurity planning for future Olympic Games, continental championships, political summits and other international gatherings.

Conclusion

The FIFA World Cup 2026 demonstrates how deeply sport has become intertwined with the digital world. Football remains the centrepiece of the tournament, but its success depends equally on cybersecurity, AI governance and operational resilience.

AI will help protect infrastructure, support threat detection, improve crowd management, and strengthen cyber defence capabilities. At the same time, it will enable more sophisticated phishing campaigns, more convincing deepfakes, more effective disinformation operations and increasingly personalised fraud schemes.

The central challenge is not whether AI should be used. The challenge is how it can be deployed responsibly, securely and transparently within one of the most complex public events ever organised.

Success will depend on balancing innovation with security, automation with human oversight and efficiency with public trust.

The real test for FIFA, host governments and technology providers will be resilience. Cyber incidents are almost inevitable given the scale and visibility of the tournament. What will matter most is the ability to detect threats quickly, limit disruption, recover effectively and maintain public confidence.

Ultimately, the FIFA World Cup 2026 may be remembered as the first truly AI-era World Cup, where cybersecurity, misinformation and digital resilience have become as important as events on the pitch.

As citizens, supporters and digital users, we each have a role to play in protecting the integrity of the information and technologies that increasingly shape our lives.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

The future of agentic AI: A cross-regulatory perspective from the UK

Published in March 2026, ‘The Future of Agentic AI‘ is a foresight paper from the Digital Regulation Cooperation Forum (DRCF), the joint body bringing together the Competition and Markets Authority (CMA), the Financial Conduct Authority (FCA), the Information Commissioner’s Office (ICO) and Ofcom.

Drawn on a public call for views conducted through the DRCF Thematic Innovation Hub in autumn 2025 and a series of cross-regulatory workshops, it maps how agentic AI simultaneously activates the remits of all four regulators, and identifies the areas where cross-regulatory coherence will be most difficult to maintain as the technology advances.

The DRCF emphasises that regulation should function as an enabler of innovation rather than a barrier. All four regulators affirm that existing UK frameworks, across data protection, consumer protection, financial regulation and online safety, already apply to agentic AI.

Much of the analytical weight, therefore, lies not in proposing new rules but in mapping how the simultaneous application of those frameworks to a single agentic deployment creates coordination challenges that a sector-by-sector regulatory model was not designed to manage.

The document does not constitute regulatory policy and is explicitly framed as a contribution to the stakeholder debate.

Agentic AI: definition and current state of development

 Person, Security

Agentic AI is defined as systems of AI agents that behave and interact autonomously to achieve their objectives, where each individual agent is an increasingly autonomous AI capable of directly affecting real-world environments. The key distinction from standard generative AI lies in what agents do beyond generating outputs: they assess goals and decompose them into subtasks, retrieve real-time data from external services, execute actions such as making payments or sending communications, and retain memory of past interactions.

Information retrieval alone does not make a system an agent. The critical feature is the autonomous plan-act loop through which multi-step tasks are completed, often by invoking external tools, with limited or no human intervention at each step.

A five-level autonomy spectrum structures the analysis of the current and near-future agent landscape. At the base sits the ‘tool’, a reactive system with no initiative or memory. Above it is the ‘assistant’, capable of planning a few steps and using approved tools while deferring to the user for execution.

The ‘operator’ handles bounded workflows end-to-end once authorised. The ‘collaborator’ and ‘autonomous actor’ tiers, capable of initiating and coordinating multi-step work with minimal human approval, remain largely theoretical at the time of publication.

Most practical deployments today sit at the assistant or operator tiers: customer-support copilots that triage tickets, workflow agents that automate expense claims, or fraud detection systems in financial services. Agentic AI is not exclusively software-based. Embodied agents in robotics and the Internet of Things (IoT) represent an important adjacent development, with LLM-enabled humanoid robots already deployed in some industrial settings.

Emerging opportunities across the economy

 Blackboard, Text, Symbol

For individual users, the core opportunity lies in a ‘delegation layer’ between people and the digital services they rely on: agents that can translate natural-language intent into executable sequences of steps across tools, services and platforms, reducing friction and cognitive load. Specific consumer benefits highlighted include reduced search costs through conversational product comparison, improved deal quality through continuous price monitoring and automatic coupon application, and support for switching and cancellation journeys.

Particular potential is identified for users with disabilities or limited digital literacy, for whom conversational interfaces may substantially lower barriers to digital participation, touching directly on the future of work and labour market inclusion.

For businesses, a large-scale study of a generative AI assistant in customer support found improvements of around 14 to 15% in issues resolved per hour, with the greatest gains among less experienced workers.

Illustrations of current commercial deployment include Allianz’s agentic system for automating food spoilage claims, which uses seven specialised agents, and the UK Government Digital Service’s trial of Microsoft 365 Copilot across 20,000 staff, which reported time savings of 26 minutes per person per day.

For regulators, the CMA has already deployed agentic AI to detect consumer harms such as drip pricing. The DRCF discusses how agentic supervision tools could enable compliance monitoring at a scale and speed that would be impossible for human inspectors alone, pointing to a future in which regulators themselves are among the primary users of the technologies they oversee.

Amplified and novel risks

 Pen, Adult, Male, Man, Person, Text, Furniture, Table

Agentic AI does not merely introduce new hazards; it amplifies existing ones through the combination of autonomy, multi-step execution and access to sensitive data. The most structurally significant risk is accountability fragmentation, which the DRCF describes as the ‘many hands problem’: when a deployment involves a model provider, a system provider and a downstream deployer, each contributing distinct elements to an outcome, attributing liability for harm becomes substantially more complex than in conventional software.

Model providers have a role in monitoring and emergency controls, system providers in adapting those tools to the context, and downstream deployers in maintaining oversight during operation. Importantly, the foresight paper makes clear that ‘my agent did it’ is not a defence any UK regulator will accept as organisational responsibility for legal compliance remains unchanged regardless of the agent autonomy.

Data protection risks are particularly acute. Agentic systems frequently require broad access to personal and operational data, which may be shared across multiple agents and integrated with external tools in ways that make it difficult to maintain the data minimisation principle under the UK GDPR.

Action bundling, the tendency of agents to execute sequences of steps that would normally represent separate consumer decisions simultaneously and at speed, raises questions about whether consent remains meaningful.

Cascading errors, where a flaw in one agent propagates across interconnected systems with amplified effect, are identified as a governance challenge with potentially systemic consequences touching on critical infrastructure. The Moffatt v. Air Canada case, in which an automated system provided incorrect information and the airline was held accountable, is cited by respondents to the call for views as an illustration of how accountability challenges in automated deployments are already reaching the courts.

Cybersecurity risks are materially increased by agentic capabilities. Agents designed to ingest and act on content from diverse external sources are particularly vulnerable to prompt injection attacks, in which malicious instructions are embedded in the content the agent processes, raising direct cybersecurity concerns.

Agents may also operate under non-human identities (NHIs) without the session-based oversight that applies to conventional user authentication, creating surfaces for privilege escalation and data exfiltration. A documented attack in which agentic AI was used to perform 80 to 90% of the attack lifecycle illustrates how the same capabilities that make agents useful can be weaponised at speeds and scales beyond human capacity to manage.

Hyper-personalisation adds a further risk dimension. Agents with persistent memory and detailed user profiles can generate highly persuasive communications, and the same techniques can be turned to personalised fraud, as demonstrated in documented AI-driven influence campaigns. Where agents are optimised to advance the commercial objectives of deployers through undisclosed advertising arrangements or data-extractive digital business models, they may channel users toward platform-preferred outcomes while presenting themselves as neutral intermediaries.

Foresight scenarios and their regulatory implications

 Face, Head, Person, Photography, Portrait, Adult, Female, Woman, Skin

A methodologically distinctive feature of the foresight paper is its use of scenario analysis to stress-test the cross-regulatory implications of different agentic AI futures. Building on the ICO’s Agentic AI Tech Futures Report, the DRCF constructed a two-by-two matrix of four plausible futures defined by two critical uncertainties: the capability level of agentic systems and the degree of their adoption in the economy.

Subject-matter experts from all four regulators examined each scenario for regulatory synergies and friction points in a cross-regulatory workshop.

The first scenario, ‘scarce, simple agents’, describes low capability and low adoption, in which agents remain narrow tools used in controlled professional contexts with close human oversight. The regulatory challenges here are primarily about maintaining proportionality without over-regulating an immature technology.

The second scenario, ‘just good enough to be everywhere’, combines low capability with high adoption: agents are widely deployed despite significant limitations, creating systemic consumer harm at scale and widespread accountability confusion. Of the four scenarios, this is considered the most acute near-term risk.

The third scenario, ‘agents in waiting’, describes high capability but low adoption, in which powerful agents are held back by regulatory uncertainty, liability concerns or lack of consumer trust. The regulatory challenge shifts from harm prevention to enabling conditions: excessive caution risks suppressing valuable innovation.

The fourth scenario, ‘ubiquitous agents’, represents high capability combined with high adoption, a fully agentic future in which agents mediate most consumer-market interactions and manage enterprise workflows autonomously. Winner-takes-most market concentration, spontaneous algorithmic collusion, systemic accountability gaps and agent-to-agent communication operating beyond human-readable oversight are identified as the primary governance challenges in this scenario.

The cross-regulatory workshop exercise enabled the four regulators to map not only sector-specific risks within each scenario but also the points where their remits intersect or conflict. The DRCF presents this methodology as a model for ongoing interdisciplinary horizon scanning that other jurisdictions could adapt to stress-test their own frameworks before tensions manifest in real-world deployments.

The cross-regulatory challenge

 Art, Graphics, Adult, Male, Man, Person, Head

Using the example of a large UK retailer deploying an autonomous customer assistant, the DRCF demonstrates how a single agentic deployment can simultaneously raise data protection issues for the ICO through automated decision-making on credit or loyalty discounts, financial regulation concerns for the FCA if the assistant recommends or arranges financial products, online safety duties for Ofcom if the agent retrieves and synthesises information from third-party websites in ways that may constitute a regulated search service under the Online Safety Act 2023, and competition regulation and consumer protection matters for the CMA if the agent behaviour steers users away from competitors or constitutes algorithmic collusion.

No single regulator holds the full picture, yet each may need to act.

Each regulator sets out its current approach. The ICO launched a public consultation on updated automated decision-making and profiling guidance on 31 March 2026, responding to the reforms introduced by the Data (Use and Access) Act 2025, section 80 of which came into force on 5 February 2026.

That provision replaced Article 22 of the UK GDPR with new Articles 22A to 22D, substituting the previous near-prohibition on solely automated decision-making with a more permissive, safeguards-based framework. The consultation closed on 29 May 2026, with final guidance expected in summer 2026.

The ICO has also been formally commissioned under the Statutory Instrument 2026/425 to produce a statutory code of practice on AI and automated decision-making, which will carry evidential weight in enforcement proceedings and is expected to address agentic systems directly.

The FCA applies its outcomes-focused Consumer Duty to firms using agentic AI in financial services, with its AI Live Testing platform providing a supervised environment for firms to experiment with agentic use cases. Ofcom is assessing how agentic AI affects telecoms markets and whether agent-enabled services fall within the scope of its online safety regime.

The CMA draws on the Digital Markets, Competition and Consumers Act (DMCCA) to address strategic market status, self-preferencing and exclusionary conduct in agentic AI contexts, and has published guidance for businesses on complying with consumer law when using AI agents.

Governance, accountability and human oversight

 Pen, Chart

Observability, defined as the ability of deployers to understand what is happening within a system by examining its outputs, including logs of interactions, reasoning steps, action traces and performance metrics, is identified as a foundational governance requirement. Legal obligations under data protection law, consumer law, competition law, financial regulation and online safety requirements apply regardless of the degree of automation involved.

Nominal human oversight, where a person is present but has no genuine capacity to intervene, does not satisfy the human-in-the-loop requirement under UK data protection law when automated decisions have legal or similarly significant effects on individuals. Permissions controls that specify which data sources an agent may access are presented as both a data governance and a data minimisation tool, with the additional benefit of reducing consent fatigue: the risk that users who are repeatedly prompted to approve the agent actions begin doing so without meaningful deliberation.

Responsibility in multi-agent systems remains one of the most unresolved points in the analysis. As agents interact with each other and blend datasets without human involvement, identifying who controls which data and who is responsible for a given compliance failure under the UK GDPR becomes progressively harder.

Respondents to the call for views proposed that regulators require firms to adopt AI supply chain governance frameworks addressing component integrity, compatibility, and risk propagation. The DRCF raises the concept of ‘transparency agents’, systems designed specifically to monitor inter-agent transactions and maintain audit trails, noting that governing agentic AI may itself require agentic tools.

Consumer rights, market dynamics and algorithmic collusion

 Lighting, Architecture, Building, Wall

The Consumer Rights Act 2015 and the consumer protection provisions of the DMCCA apply fully to agentic AI providers. Drawing on the CMA’s research on agentic AI and consumers, published on 9 March 2026, the core risk identified is that systems optimised for the deployer’s commercial objectives through undisclosed advertising arrangements or data-extractive business models may influence consumer protection outcomes in ways users cannot anticipate or contest.

‘Choice outsourcing’ is identified as an emerging structural risk: when consumers delegate comparison and transaction decisions to agents that, in turn, respond to platform incentives, competition shifts from the product layer to the agent layer, with firms competing to be favoured by assistants rather than to offer the best price or quality.

Digital inequality receives dedicated analysis across two distinct risk groups. Users with lower media literacy and limited device access may struggle to recognise AI-generated responses, navigate privacy controls or correct agent errors. Users with higher digital literacy may nonetheless find their critical assessment skills weakened by the reduced visibility into multi-agent decision-making.

As agentic AI becomes embedded in everyday systems, the DRCF cautions that users may increasingly feel that non-adoption means being shut out of services entirely, a form of structural compulsion that existing consumer protection frameworks were not designed to address.

Algorithmic collusion is among the most technically specific risk areas addressed. Experimental evidence suggests that LLM-based agents may spontaneously converge on supra-competitive prices in price-setting, bidding and financial market simulations without explicit instruction, maintaining those prices even as conditions change.

Research also demonstrates that AI systems can develop covert communication strategies, including hiding messages within ordinary text, and may evolve faster non-natural-language communication protocols as alternatives to human-readable exchange.

All existing collusion evidence comes from controlled experimental conditions rather than from real-world markets, but the DRCF treats the findings as sufficient to warrant caution in deploying agents in pricing roles. The CMA’s paper on AI and collusion, published on 4 March 2026, provides the most detailed UK regulatory analysis of these risks to date.

Open communication protocols such as the Model Context Protocol (MCP) and Agent2Agent (A2A) are discussed as tools for supporting interoperability and reducing vendor lock-in, although their competitive implications remain to be addressed.

Further developments

 Computer, Electronics, Tablet Computer, Computer Hardware, Hardware, Monitor, Screen

Since the foresight paper was published in March 2026, the regulatory programme it outlines has moved forward on several fronts. Most notably, on 3 June 2026 the DRCF launched a call for input on consumer interest and AI, open until 3 July 2026. Structured in two phases, the call gathers the consumer evidence that the four regulators need to apply their existing rules more effectively.

Phase one examines consumer attitudes: how much risk consumers will tolerate from generative and agentic AI in exchange for convenience and cost savings, how well they understand the technology, and whether disclosures and consent mechanisms have a meaningful effect. Phase two asks what tools, frameworks and obligations can best deliver good consumer outcomes.

The call is significant as it represents the first concrete step toward building an empirical evidence base for enforcement rather than anticipatory guidance. Findings will feed directly into the autumn regulatory agenda of all four member bodies.

The ICO’s consultation on the updated automated decision-making and profiling guidance closed on 29 May 2026, with final guidance expected later in 2026. The FCA’s Mills Review, which examined how advanced AI models could reshape retail financial services by 2030, is on track to deliver recommendations to the FCA Board in summer 2026, with an external publication to follow. Cohort 2 of the FCA’s AI Live

Testing programme has launched, building on findings from the first cohort. Ofcom is expected to publish its 2026 to 2027 strategic approach to AI later in the year, covering agentic AI’s implications for telecoms markets and online safety.

The UK regulatory landscape is also developing in an international context. Spain’s data protection authority, the AEPD, published a detailed technical guide on AI agent architecture in February 2026, addressing prompt injection vulnerabilities and automated decisions under Article 22 of the GDPR, one of the most granular analyses produced by a European data protection authority to date.

In March 2026, an EU Parliament committee voted in favour of amendments pushing EU AI Act high-risk compliance deadlines to December 2027 and August 2028, reflecting continued implementation pressure at the EU level.

Together, these developments illustrate that the governance issues raised by the DRCF are being worked through simultaneously across multiple jurisdictions, with regulatory divergence as real a risk as convergence.

Implications for the broader digital governance landscape

 Person, Security

The DRCF’s multi-regulator framing reflects a structural reality that most national governance frameworks have not yet fully absorbed: agentic AI is not a sector-specific technology but a general-purpose capability that simultaneously activates legal obligations across multiple regulatory domains.

Countries that have assigned AI oversight to a single lead authority may find that agentic AI creates accountability gaps at the boundaries between those domains that a single-regulator model cannot address.

A fundamental difference between the UK approach and the EU AI Act is worth noting. The EU AI Act employs a risk-based classification system applied at the level of AI systems and their use cases, imposing pre-market obligations on high-risk systems before deployment.

The UK’s approach applies existing sector-specific rules to AI through the regulator most relevant to a given harm, without a central AI authority or horizontal AI statute. Both approaches acknowledge that deploying an AI agent does not transfer legal accountability to the agent; accountability remains concentrated on the deployer.

Where the two frameworks diverge is in their approach to ex ante versus ex post intervention. The UK model relies more heavily on enforcement after harm has occurred, supplemented by guidance and safe-space testing.

The EU model attempts to prevent certain harms before deployment. The ‘just good enough to be everywhere’ scenario, in which low-capability agents cause consumer harm at scale, implicitly raises the question of whether the post-hoc enforcement model is sufficiently robust for the near-term agentic AI risks the DRCF itself identifies as the most pressing.

On standards and interoperability, the governance of agent communication protocols is emerging as a question of digital standards and competition policy as much as a technical one. If open protocols such as the Model Context Protocol (MCP) and Agent2Agent (A2A) become widely adopted, they could reduce the ecosystem advantages that currently favour large incumbent platform operators.

If dominant firms instead establish proprietary standards, the market concentration risks in the ‘ubiquitous agents’ scenario could materialise more rapidly.

A related concept raised in the foresight paper is ‘know your agent’ protocols, analogous to ‘financial services ‘know-your-customer frameworks’ in financial services, as a tool for verifying agent identity, intent and permissions in commercial settings. Potential links are noted to the digital identity reforms currently under development in the UK. How these standards issues are addressed will significantly shape the competitive landscape of agentic AI markets over the next several years.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

The EU’s Tech Sovereignty Package and the future of European digital power

On 3 June 2026, the European Commission presented the European Technological Sovereignty Package, a set of measures to strengthen Europe’s capacity in semiconductors, AI, cloud computing and open source software. The package comprises two legislative proposals, the Chips Act 2.0 and the Cloud and AI Development Act (CADA), alongside the new EU Open Source Strategy and the Strategic Roadmap for Digitalisation and AI in Energy.

The Commission framed the initiative as a fundamental shift in the EU’s approach to technology, underpinned by the recognition that digital dependence is no longer a market inefficiency to be tolerated, but a strategic vulnerability to be corrected through legislation.

Commission President Ursula von der Leyen stated that Europe cannot afford to depend on others for the technologies that keep its hospitals running, its energy grids stable, and its services secure, calling on the EU to convert its research excellence, industrial base and single market into technological sovereignty.

The package is designed to broaden choice in core technologies for EU businesses, citizens and public administrations, and to position Europe to capture a larger share of a global semiconductor market projected to reach EUR 1.37 trillion by 2030, with AI-related components accounting for roughly 70% of that growth.

The timing reflects a specific convergence of pressures. The rapid spread of AI applications is driving a sharp increase in demand for data centre and cloud capacity that EU infrastructure cannot currently meet at scale. At the same time, longstanding dependence on non-EU suppliers for advanced semiconductor manufacturing, chip design and cloud services has become increasingly difficult to ignore as geopolitical tensions have demonstrated the economic risk of concentrated supply chains.

The 2022 US CHIPS and Science Act, generous subsidy regimes in Asia and tightening export controls on advanced semiconductor equipment have accelerated the global race for technological self-sufficiency, prompting Europe to adopt a more active industrial policy response. 

Chips Act 2.0

 Electronics, Hardware, Printed Circuit Board, Mace Club, Weapon

The Chips Act 2.0 revises and expands the 2023 European Chips Act, which has mobilised more than EUR 52 billion in public and private investment, created an estimated 46,000 direct and indirect jobs and strengthened Europe’s research and innovation capacity in semiconductors. Despite this progress, the EU remains dependent on third countries for advanced chip manufacturing and semiconductor design.

The revised regulation is designed to accelerate Europe’s position across the entire semiconductor value chain, from raw materials and design to manufacturing and packaging, and to ensure that Europe captures a greater share of the growth in AI-related chip demand.

The proposal is structured around four objectives. On investment and competitiveness, the Act would cap permitting approvals at 12 months, introduce ‘Grand Challenges’ to support the development of strategically important chip types such as AI processors, and formalise Strategic Partnerships on Semiconductors with international allies.

To stimulate demand, it establishes Demand Accelerators to align new products with industry needs, expands innovation procurement, notably for European start-ups and scale-ups, and creates structural synergies with CADA to benefit from the data centre and AI Gigafactory buildout planned under that regulation.

On the supply side, the Act enables state aid for ‘First-of-a-Kind’ facilities not yet present in the Union, covering the full semiconductor value chain, designates strategic projects to unlock EU and member state co-investment, and creates a ‘Semiconductor Regions of Excellence’ label to attract investment at the regional level. To strengthen resilience, it establishes a business-to-business semiconductor supply chain platform and provides sector-specific guidance on risk assessment and mitigation.

The explicit linkage between Chips Act 2.0 and CADA reflects a deliberate industrial logic: European-made chips powering European cloud infrastructure, with demand from that infrastructure in turn supporting European chipmakers.

Cloud and AI Development Act

 Architecture, Building, Person, Security

The Cloud and AI Development Act (CADA) forms a central part of the Commission’s AI Continent Action Plan and simultaneously addresses two structural problems: insufficient EU cloud and data centre capacity to meet AI-driven demand, and strategic dependence on a small number of non-EU cloud providers.

The Act is designed to facilitate and accelerate the deployment of sustainable cloud and data centre infrastructure, while ensuring the EU accelerates the rollout of cloud and AI in critical sectors and retains meaningful control over the infrastructure on which that rollout depends.

The Act focuses on three main areas. On research, development and innovation, it supports next-generation cloud and AI technologies, including frontier AI, industrial AI, and physical AI, introduces grand challenges to drive R&D efforts, and promotes adoption in strategic sectors through national cloud and AI strategies and new Experience and Acceleration Centres for AI in member states.

On capacity, it targets at least a tripling of EU data centre capacity within five to seven years, simplifies and accelerates permitting, and improves access to energy, land, water and financing. On sovereignty and autonomy, it establishes a single EU-wide sovereignty classification framework, promotes open source solutions as a tool for resilience, and introduces a common EU-level procurement framework for public administrations.

The sovereignty classification system merits particular attention. It introduces four assurance levels for cloud and AI services, to be applied by public sector bodies based on their own risk assessments. Level 1 requires data to be processed and stored within the EU. Level 2 requires providers to demonstrate independence from third countries and transparency over their software supply chain.

Level 3 requires providers to be owned and controlled from within the EU and to meet additional criteria including personnel citizenship, although the Commission retains the ability to recognise third-country providers at this level. Level 4 requires full transparency and control over the software supply chain with no third-country interference.

Cloud service providers seeking recognition under this framework must undergo an independent audit conducted by member state authorities. The framework is significant because it creates, for the first time, a legally grounded and progressive definition of what it means for a cloud service to be sovereign, moving the concept from political rhetoric to a procurement-relevant standard.

EU Open Source Strategy

 Astronomy, Earth, Globe, Outer Space, Planet, Plate

The EU Open Source Strategy is the non-legislative pillar of the package most directly aimed at reducing dependence on proprietary, non-EU software. It places open source at the centre of the EU’s technological sovereignty approach, arguing that open ecosystems reduce supplier lock-in, increase transparency and give European developers and public administrations greater control over their digital infrastructure.

The strategy addresses a persistent structural weakness: the economic value generated by open source projects has historically been captured outside Europe, limiting the ability of European developers and companies to benefit fully from their own contributions.

The strategy is organised around four objectives. The first, Open Source for Tech Sovereignty, focuses on scaling the Open Internet Stack, a Commission-curated catalogue of EU-aligned open source solutions, and promoting alternatives to dominant proprietary products in areas such as cloud platforms, workplace tools, secure e-mail and decentralised social media.

The work will be carried out in cooperation with member states through the European Digital Infrastructure Consortium for Digital Commons. The second objective, Vibrant Open Source Ecosystem, targets start-up support through accelerators and procurement access, alongside a stewardship toolkit for critical open source assets and investment in digital skills across schools, universities, and civil services.

The third objective, Open Source in Public Administration, sets out procurement guidelines that favour open standards, reinforces the Commission’s Open Source Programme Office (OSPO) and the EU Public Sector OSPO Network, and seeks to embed openness and sovereignty-by-design in digital investment decisions across EU institutions and member states.

The fourth objective, Reinforced Standards and International Outreach, promotes EU open source developers and solutions internationally through the EU Tech Business Offer, supports uptake in partner countries and integrates open source communities into standardisation processes, including through a forthcoming revision of the EU Standardisation Regulation.

The strategy also intersects directly with the other package components. On semiconductors, it targets open hardware development through the Chips Joint Undertaking’s RISC-V programme. On AI, it supports the GenAI4EU initiative and promotes open source tooling for public sector AI adoption through the Apply AI Strategy.

On digital identity, it prioritises open source implementation of the European Digital Identity Wallet (EUDI Wallet) and the European Business Wallet. The strategy also interacts with the recently enacted Cyber Resilience Act (CRA), which imposes new security obligations on open source projects that have generated concern in the developer community. The Open Source Maintenance Instrument and critical dependency mapping exercises set out in the strategy are designed in part to address those obligations, though reconciling the CRA’s security requirements with the growth objectives of the strategy will be a key implementation challenge.

Strategic Roadmap for Digitalisation and AI in Energy

 Computer, Electronics, Hardware, Architecture, Building, Warehouse, Server, Factory

The Strategic Roadmap for Digitalisation and AI in Energy is the least legally binding element of the package but arguably the one that determines whether its ambitions are physically realisable. The targets set by CADA, particularly the goal of at least tripling EU data centre capacity within five to seven years, cannot be achieved without a corresponding expansion in reliable, affordable power supply.

Data centres are energy-intensive by nature, and the AI workloads they are increasingly required to process are even more demanding. The roadmap addresses this constraint by setting out how AI and digital technologies can improve the efficiency and flexibility of Europe’s energy systems while also enabling the energy infrastructure that these systems need.

The roadmap connects the package’s digital ambitions to the EU’s energy transition objectives, creating a mutually reinforcing relationship: cleaner, smarter energy systems create more viable conditions for data centre expansion, while AI-enabled demand management and grid optimisation tools reduce the cost and environmental impact of that expansion. The roadmap is also relevant as a governance document, since the deployment of AI in critical energy infrastructure raises its own questions about cybersecurity, data sovereignty and the concentration of control over systems on which entire economies depend.

Governance and policy implications

 Adult, Male, Man, Person, Text, Pen, Formal Wear, Clothing, Suit, Document, Computer, Electronics, Laptop, Pc

The Tech Sovereignty Package raises several governance issues that extend beyond its immediate legislative content. The most significant concerns the model it establishes for EU industrial policy. The package marks a clear departure from the long-standing assumption in EU competition policy that market mechanisms and trade openness are the primary tools for achieving efficient and innovative technology markets.

The explicit use of state aid for strategic semiconductor projects, the joint procurement frameworks in CADA and the deliberate promotion of EU-origin suppliers both in public procurement and sovereign cloud classification illustrate a greater role for public intervention in the technology sector. Whether the EU’s trading partners, particularly the United States and major Asian semiconductor producers, will treat these provisions as proportionate industrial policy or as market-distorting intervention is likely to become a significant diplomatic issue.

The package also has important implications for the governance of AI in Europe. It operates in parallel to the EU AI Act and the work of the EU AI Office, but addresses a different layer of the AI ecosystem. While the AI Act focuses on the risk profile and compliance obligations of AI systems once deployed, the Tech Sovereignty Package governs the infrastructure and supply chains that enable AI development in the first place.

The relationship between the two frameworks matters as decisions taken at the infrastructure layer, such as the cloud sovereignty level applied to a given public sector AI deployment, can have downstream consequences for compliance with AI Act requirements. The relationship between these frameworks will be an important area to monitor as implementation progresses.

A further coordination challenge arises internally. The package spans multiple policy domains and directorates-general within the Commission, including DG CONNECT for semiconductors, cloud and open source, and DG ENERGY for the energy roadmap.

It also interacts with DG COMP on State aid approvals and with DG TRADE on the trade implications of sovereignty-oriented procurement rules. Ensuring coherence across these areas during the legislative process, and subsequently during implementation, will require stronger-than-usual inter-institutional coordination.

Legislative process and upcoming milestones

 Scoreboard

The two legislative proposals, the Chips Act 2.0 and CADA, need to enter the ordinary legislative procedure, meaning they will be negotiated separately by the European Parliament and the Council of the European Union before trilogue negotiations between the two institutions and the Commission can begin.

Given the political and economic stakes involved, and the number of member states with competing interests in semiconductor investment locations and cloud market access, the negotiations are likely to be protracted. The original European Chips Act took approximately two years from proposal to final adoption, and CADA, which touches on the politically sensitive question of digital sovereignty vis-à-vis key trading partners, may encounter comparable friction.

Several near-term milestones are already in view. The Commission is expected to launch a call for AI Gigafactories in July 2026, following the European High Performance Computing Joint Undertaking (EuroHPC JU) Governing Board’s agreement in principle on 1 June 2026. AI Gigafactories are large-scale, purpose-built AI training facilities and represent one of the most concrete and immediately actionable elements of the broader AI infrastructure agenda.

Their deployment is intended to provide European researchers, start-ups and industry with access to the kind of computing capacity currently concentrated in the United States, and the July call will be an early test of the Commission’s ability to move from legislative ambition to operational delivery.

The Commission will also launch a consultation with member states, the European Investment Bank Group and other key stakeholders to design a European equity capacity at scale for financing tech sovereignty ambitions. This implies that the Commission does not believe grant funding and state aid alone will be sufficient to mobilise the investment required, and that a blended finance model, combining public equity with private capital, will be needed.

The EIB Group’s involvement points towards the kind of risk-sharing instruments it has used in other strategic sectors, although the specific structures and governance arrangements have yet to be designed through the consultation process.

Broader context

The package does not emerge in isolation. It sits within a cluster of interconnected EU strategic frameworks that have, over the past two to three years, progressively shifted the EU’s economic policy stance from market liberalisation towards what the Commission calls ‘open strategic autonomy’: the maintenance of trade openness where possible, combined with targeted interventionism to reduce strategic dependencies where necessary.

The Competitiveness Compass, adopted earlier in 2025 and drawing heavily on the 2024 Draghi report on European competitiveness, identifies reducing strategic dependencies as one of three pillars for restoring European economic dynamism. The Tech Sovereignty Package is the most operationally specific expression of that pillar to date.

The Economic Security Strategy, adopted in 2023, provided the risk-assessment framework within which the package sits, identifying advanced semiconductors, AI, quantum computing and biotechnology as the technological areas posing the most significant dual-use and strategic dependency risks for the EU. The Tech Sovereignty Package translates that risk assessment into concrete legislative and policy instruments, with semiconductors and AI infrastructure receiving the most direct regulatory attention.

The Commission’s AI Continent Action Plan, which positions Europe to become a global AI leader by focusing on computing infrastructure, data, skills, and adoption, provides the most direct policy antecedent for CADA in particular. The Tech Sovereignty Package fast-tracks the infrastructure ambitions of the Action Plan and adds the supply chain governance dimension that the Action Plan did not fully address.

Taken together, these documents represent a sustained and internally consistent shift in EU digital and industrial policy, one in which technological leadership is treated not merely as an economic aspiration but as a precondition for political and regulatory autonomy in an increasingly contested global technological order.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!

Europe’s digital crossroads: Key takeaways from CPDP 2026

The Computers, Privacy and Data Protection (CPDP) conference is an annual gathering that brings together academics, policymakers, industry representatives, civil society, students, and EU institutions to discuss emerging digital policy challenges. This year’s theme was ‘Competing Visions, Shared Futures’, the 19th in the series, and it hosted approximately 150 panels over the span of 3 days in Brussels.

What is CPDP?

CPDP’s value lies in its multidisciplinary approach. With academics presenting their work or debating topical issues, as well as with industry and policy experts bringing their expertise to the table, the event creates a space for honest conversations among participants.

The conference is sponsored by organisations such as Google, TikTok, Apple, as well as the European Data Protection Supervisor (EDPS), European Union Agency for Fundamental Rights (FRA) and VBU. Google even presented its Banana AI model in a photo booth, allowing participants to modify photos they took in the booth.

Alongside panels, CPDP hosts an array of workshops, short films, artwork, radio programming, promotion booths, dedicated DPO, youth, finance and IT tracks, book launches, and pop-up exhibitions. The event always closes the day in style with an open bar and a party to chat and network at.

CPDP is not a typical conference with just panels, attendees, moderators, and lengthy speeches. The conference inspires creativity and gives the freedom to achieve it. This was proven by the diverse topics showcased in the event’s schedule over the three days.

From a fireside chat with the artist, Simon Denny, behind the conference’s art, who uses AI as a medium in some of his work, to typical discussions about the Digital Omnibus or tracking period apps, all the way to an exiled journalist talking about Russian internet censorship. There was something for everyone.

Brussels
Image via Magnific

What was presented?

The breadth of topics discussed at CPDP offers insight into the issues currently shaping Europe’s digital policy agenda. There were approximately 150 panels in total, with data protection, AI, the Digital Omnibus and the topics of digital sovereignty receiving the most attention. Data protection received the most attention overall, as 33 panels were dedicated to the topic. This was followed by 26 panels on AI, 12 on the Digital Omnibus, 10 on digital sovereignty, and 7 on child-related protection.

The distribution of panels reflects the growing prominence of AI in digital policy discussions. However, data protection topics, including privacy and the GDPR, are still the frontrunners in terms of topic relevance. Newer and emerging topics reveal what is topical in the digital world.

Growing concerns over US tech reliance have intensified discussions about EU digital sovereignty. Alongside this, another heavily debated and sensitive topic is child protection in the online context and its generative AI implications, which raises questions about how to better protect children online.

 People, Person, Crowd, Adult, Female, Woman, Electrical Device, Microphone, Accessories, Bag, Handbag, Audience, Jewelry, Necklace, Electronics, Speaker, Male, Man, Clothing, Footwear, Shoe, Indoors, Speech, Carrie Vaughn, Vian Dakhil

Emerging topics at CPDP

Digital sovereignty is a challenging topic as it encompasses a lot and has yet to be defined, meaning that taking action can look different for a wide variety of actors. Several discussions framed digital sovereignty as a pathway towards greater digital independence and reduced reliance on external technology providers. In order to try to achieve digital sovereignty, public procurement should be steered away from non-EU actors and towards EU businesses to develop a European stack.

Yes, private partnerships are important, but public ones set the tone. Several participants argued that public procurement choices will play an important role in determining whether EU can strengthen domestic digital capabilities and reduce strategic dependencies. Digital sovereignty needs to come from all corners of the market and society; that is the challenge.

A very interesting panel on data protection and AI, the GDPR, and privacy occurred. In Academic Session I, Stephanie von Maltzan presented findings about her groundbreaking research on LLM unlearning. The larger the LLM, the more data points it will be trained on and the more complex its ‘web’ will be.

Removing data points is not a common practice, given how data points interact with each other, meaning that complexity overrides certain fundamental rights. For example, when data subjects invoke their right to erasure under Article 17 of the GDPR, they may request that certain data be deleted in an LLM, yet this request is difficult to carry out in practice.

The research highlights one of the emerging challenges at the intersection of AI governance and data protection. She presents a two tier model in which the actively deployed LLM is accompanied by a parallel ‘shadow’ model.

After receiving a valied erasure request, the ‘shadow model’ would undergo the necessary unlearning processes to remove the relevant data. In the second tier, in a scheduled update, the ‘shadow’ model, which had undergone unlearning, would replace the initial LLM, thereby upholding data subject requests.

MIT researchers propose fix for LLM catastrophic forgetting.

Apart from these insightful exchanges of knowledge on AI, digital sovereignty and data protection, the conference offered practical workshops on how to brainstorm re-writing the proposed Article 88b of the Omnibus, data protection officer and cybersecurity crisis scenarios, as well as open conversations about how to protect children in online environments.

Remaining questions

The conference also highlighted several unresolved policy questions that continue to shape European digital governance debates.

  • Regarding the Digital Omnibus, would companies scale up overnight if we removed regulations?
  • Does digital sovereignty need/have a definition, or should it be left to the meaning of ‘digital independence’?
  • Open markets vs data protection, where is the balance?
  • Regarding digital sovereignty, which clouds should be used in the EU?
  • Should simplification mean using the once-used definition of personal data by the CJEU, or sticking to the definition relied on in law, cases, and practice?
  • In order to protect EU sovereignty, should parts of the stack be a public utility?
fe34b9e2 7a97 49b7 a5eb a624716dd4b2

Why does it matter?

CPDP 2026 demonstrated that while privacy and data protection remain central pillars of European digital policy, debates around AI governance, digital sovereignty and online child protection are rapidly gaining prominence.

The discussions highlighted the growing challenge of balancing innovation, competitiveness, fundamental rights and strategic autonomy as Europe defines its digital future.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot

CBDC: The antithesis of cryptocurrency

Central bank digital currencies (CBDCs) have rapidly become one of the most debated topics in global finance. The growing adoption of cryptocurrency, the expansion of stablecoins, and the broader digitalisation of payment systems have prompted governments and central banks to reconsider how state-issued money should function in the digital era. Supporters present CBDCs as a modern financial innovation while critics argue that they could increase state control over financial activity. 

Unlike traditional debates surrounding cryptocurrencies, discussions about CBDCs extend beyond the technology alone. Questions surrounding privacy, financial sovereignty, surveillance, monetary policy, and the future role of governments in digital finance now sit at the centre of the global CBDC debate. As more jurisdictions move from research to pilot programmes and implementation, CBDCs are increasingly viewed as a response to the rise of crypto assets and a broader transformation of modern financial infrastructure.

CBDCs represent a state-driven counterpoint to cryptocurrency.
image via Magnific

What are CBDCs?

A central bank digital currency is a digital form of fiat currency issued and controlled by a central bank. Unlike decentralised cryptocurrencies, CBDCs remain fully tied to state monetary systems and national currencies. Their value is supported by governments in much the same way as traditional currency.

Anti-crypto by design, CBDCs differ significantly from cryptocurrencies despite often using similar technological concepts. Decentralised digital assets such as Bitcoin operate without a central authority and rely on distributed blockchain networks, whereas CBDCs are centrally managed and regulated. In practice, CBDCs represent a digital state currency, not an alternative financial system.

Most CBDC models fall into two categories: retail CBDCs and wholesale CBDCs. Retail CBDCs are designed for public use in everyday transactions, while wholesale CBDCs focus on interbank settlements and institutional payments. 

Central banks have accelerated CBDC research partly because digital payments increasingly dominate global commerce. The rapid growth of crypto markets and private stablecoins has also intensified discussions about whether states risk losing influence over monetary systems if digital finance evolves outside government control.

CBDCs represent a state-driven counterpoint to cryptocurrency.
image via Magnific

Why governments support CBDCs

Governments and central banks generally present CBDCs as a financial modernisation tool. One of the most frequently cited advantages involves payment efficiency. CBDCs could potentially enable faster domestic transactions, reduce settlement delays, and lower the cost of cross-border payments. In economies where digital payments already dominate consumer behaviour, central banks increasingly argue that public money must evolve alongside technological change.

Another major factor behind CBDC development is monetary sovereignty. The rise of cryptocurrencies and privately issued stablecoins has raised concerns among policymakers that private digital assets could weaken the state’s influence over financial systems. From this perspective, CBDCs are viewed as a way to maintain central bank authority in an increasingly digital economy.

Supporters also argue that CBDCs could improve financial inclusion. In regions where large parts of the population remain outside of traditional banking systems, digital state-backed wallets could provide broader access to financial services without requiring conventional bank accounts. 

Some policymakers also view CBDCs as a strategic response to growing geopolitical competition in financial technology. Digital currencies could eventually reshape international payment networks and reduce dependence on existing cross-border settlement systems. As a result, CBDCs are increasingly becoming part of broader discussions surrounding economic competitiveness and technological sovereignty.

CBDCs represent a state-driven counterpoint to cryptocurrency.
image via Magnific

Why the crypto community opposes CBDCs

Opposition to CBDCs within the cryptocurrency community largely centres on concerns surrounding centralisation and state control. Many crypto advocates argue that CBDCs contradict the original philosophy behind decentralised cryptocurrencies, which were designed to operate independently of governments and central financial institutions. Moreover, CBDCs are seen as an attempt to imitate cryptocurrencies.

Privacy concerns remain one of the most significant criticisms. Critics fear that CBDCs could expand government visibility into personal financial activity, particularly if digital payment systems become directly connected to state-controlled infrastructure. Unlike cash transactions, which provide a degree of anonymity, CBDC transactions could potentially allow authorities to monitor spending patterns in real time.

Concerns about programmable money have also intensified debate. Some critics argue that CBDCs could theoretically enable restrictions on how, where, or when money is spent. Although many governments insist that such scenarios are speculative, the possibility of programmable financial controls has become a major talking point in the crypto industry.

Another argument frequently raised by crypto supporters involves financial autonomy. Decentralised cryptocurrencies allow users to self-custody assets without relying on banks or governments. CBDCs, by contrast, remain fully integrated into state-controlled financial systems. For many in the crypto sector, this distinction represents a fundamental ideological divide rather than merely a technological difference.

Critics also argue that CBDCs could increase pressure on decentralised cryptocurrencies through stricter regulatory frameworks. Some fear that governments could eventually favour state-backed digital currencies while imposing stricter compliance requirements on private crypto platforms and decentralised finance ecosystems. 

CBDCs represent a state-driven counterpoint to cryptocurrency.
image via Magnific

Global CBDC projects and implementation challenges

Several jurisdictions have already launched or tested CBDC initiatives, producing mixed results across different economic and political environments.

China remains one of the most advanced examples through its digital yuan project, also known as e-CNY. Chinese authorities have promoted CBDC for years as part of a broader effort to modernise payments and strengthen the country’s digital financial infrastructure. However, public adoption has reportedly remained relatively weak despite extensive state support and pilot programmes in major cities. Surveys have indicated that a large majority of respondents neither encountered nor used the digital currency, highlighting ongoing scepticism among consumers.

India has adopted a noticeably more cautious approach towards CBDC implementation through its e-rupee project. Since its launch in late 2022, adoption has remained limited despite various incentives designed to encourage usage. Indian authorities have repeatedly stressed that while CBDCs could improve trade settlements, remittances, and cross-border transactions, the long-term consequences for the banking system remain uncertain. Officials from the Reserve Bank of India have warned that CBDCs could potentially destabilise traditional financial institutions during periods of economic stress. 

Russia has also accelerated the development of the digital rouble as part of its broader financial modernisation strategy. The digital rouble is expected to enter a phased public rollout in 2026, with pilot programmes already including government transfers, commercial payments, transport services, and real estate transactions. Russian authorities have recently announced the country’s first digital ruble salary payment, marking an important symbolic milestone for the project. Authorities have stated that future CBDC salary payments would remain optional for recipients. The Bank of Russia has described the project as one of the world’s most advanced CBDC initiatives and has highlighted smart contracts, budgetary payments, and cross-border settlements as key areas for future application.

In contrast, the United States has become one of the most politically divided jurisdictions regarding CBDCs. Debate surrounding a potential digital dollar has increasingly focused on privacy, civil liberties, and financial surveillance concerns. Several Republican lawmakers have pushed for permanent restrictions that would prevent the Federal Reserve from issuing or even testing a US CBDC. Compared to jurisdictions actively implementing CBDCs, the United States appears to be increasingly focused on limiting government involvement in digital currency systems rather than expanding it.

Meanwhile, the European Central Bank continues to develop the digital euro project. European policymakers have framed the project as part of a broader effort to preserve monetary sovereignty and reduce dependence on non-European payment providers in an increasingly digital economy. According to the ECB, the system is intended to combine the convenience of digital payments with certain characteristics traditionally associated with cash. However, privacy has become one of the most sensitive aspects of the European debate. 

Collectively, these international examples demonstrate that CBDC implementation is not solely a technological challenge. Public trust, political culture, regulatory design, and perceptions of privacy and state control may ultimately prove to be as important as the underlying digital infrastructure itself.

CBDCs represent a state-driven counterpoint to cryptocurrency.
image via Magnific

CBDCs and cryptocurrencies: competition or coexistence?

Despite the growing tension between the two models, CBDCs and cryptocurrencies may not necessarily become direct replacements for one another. Analysts argue that the two systems could coexist while serving different purposes within the broader digital economy.

CBDCs are primarily designed to preserve and modernise existing monetary systems, whereas cryptocurrencies often aim to provide alternatives outside of traditional financial structures. From that perspective, CBDCs may function as a regulated digital payment infrastructure while decentralised cryptocurrencies continue to attract users seeking autonomy, borderless transactions, or alternative stores of value.

Some observers also believe that CBDC development could indirectly accelerate digital asset adoption by familiarising the public with blockchain-related technologies, tokenised payments, and digital wallets. Greater public exposure to digital currencies may ultimately increase broader participation in digital finance in general.

At the same time, tensions between the two ecosystems are unlikely to disappear entirely. The debate over CBDCs increasingly reflects a broader conflict between institutional control and decentralised financial models. Questions surrounding privacy, regulation, and ownership of financial data are likely to remain central as digital currency systems continue to evolve.

 CBDCs represent a state-driven counterpoint to cryptocurrency.
image via Magnific

Rethinking money, trust, and sovereignty

Ultimately, the debate over CBDCs is not merely about payments or financial technology, but about the future relationship between citizens, money, and the state itself. Throughout modern history, money has represented more than just economic value alone- it has reflected trust, sovereignty, political power, and social stability. As finance becomes increasingly digital, governments and societies are now forced to reconsider the role that public money should play in an environment shaped by decentralised technologies, borderless transactions, and rapidly evolving digital economies.

CBDCs may therefore emerge as one of the defining financial experiments of the twenty-first century. Their long-term significance will likely depend not only on technological efficiency but also on whether central banks can preserve public confidence while adapting to a digital era that increasingly values autonomy, privacy, and financial flexibility. Excessive state control could intensify public resistance, while insufficient innovation may risk weakening the relevance of sovereign currencies in a global financial system increasingly influenced by private digital assets and decentralised networks.

Rather than representing a simple conflict between governments and cryptocurrency communities, the rise of CBDCs may ultimately signal the beginning of a broader transformation in how value, trust, and economic participation are understood in the digital age. The countries that succeed may not necessarily be those with the most advanced technology, but those capable of balancing innovation with civil liberties, monetary stability with openness, and financial modernisation with public trust.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our chatbot!  

Why digital literacy is becoming a strategic necessity in the AI era

For many years, digital policy focused mainly on connectivity. Governments measured progress through broadband expansion, smartphone adoption, internet penetration, and device accessibility. Success was defined by how many people could connect to digital networks rather than by how effectively they could navigate increasingly complex digital environments.

However, AI, algorithmic recommendation systems, synthetic media, and platform-driven information ecosystems are now forcing policymakers to reconsider this approach. Access alone no longer guarantees empowerment. Citizens may be connected to the digital world while remaining vulnerable to manipulation, misinformation, cyber fraud, algorithmic bias, and AI-generated deception.

 Book, Publication, Advertisement, Text, Poster, Paper

Digital literacy is therefore evolving into something much broader than technical competence. It gradually includes media literacy, AI literacy, critical thinking, online safety awareness, privacy protection, and the ability to evaluate the credibility of information sources. In many countries, digital literacy is becoming directly linked to democratic resilience, social cohesion, economic competitiveness, and national security.

International organisations, regulators, and governments are beginning to frame digital literacy not merely as an educational issue but as a structural policy challenge. UNESCO initiatives, EU educational frameworks, online safety regulations, and national AI strategies all point to the same conclusion: societies are entering a phase where the ability to critically navigate digital systems may become as important as traditional literacy itself.

From digital access to digital judgement

The shift from access to judgement is becoming visible across multiple policy initiatives worldwide. Early digital inclusion strategies focused on closing infrastructure gaps and improving affordability. Current discussions increasingly focus on cognitive resilience and information integrity.

For example, UNESCO’s ‘Digital Citizens for Peace’ initiative in Pakistan offers a strong example of that transition. Pakistan has more than 205 million mobile subscribers and over 116 million internet users, yet UNESCO describes a growing ‘literacy-connectivity gap’. Digital access has expanded far faster than critical media literacy capabilities, leaving many users exposed to disinformation and online manipulation.

 Flag, Pakistan Flag

Rather than relying only on reactive fact-checking, UNESCO’s programme seeks to foster long-term digital judgement. Young journalists and content creators participate in media and information literacy camps that combine mentorship, role-playing exercises, ethical communication practices, and collaborative learning. Participants are encouraged not only to recognise misinformation but also to understand the broader social consequences of hate speech, manipulation, and digital polarisation.

Such programmes reflect an important evolution in policymaking. Digital literacy is no longer treated as a narrow technical skill associated with operating software or navigating websites. Increasingly, policymakers view it as a civic competence linked to democratic participation and responsible engagement in digital spaces.

That transition matters because modern information environments are no longer passive. Algorithms actively shape what users see, recommend emotionally engaging material, and amplify content capable of driving interaction. We, as citizens, therefore, need to understand not only the information itself, but also the systems that distribute it.

AI raises the stakes

AI dramatically intensifies these challenges. Generative AI systems can now produce realistic text, audio, images, and video at scale, often with minimal cost or expertise required. As we already know, deepfakes, synthetic media, AI-generated propaganda, and automated misinformation campaigns are becoming easier to deploy and harder to identify.

Such developments are forcing governments and educational institutions to rethink how societies prepare citizens for digital environments increasingly influenced by AI systems.

The Council of the European Union has recently called for a ‘human-centred approach’ to AI in education, stressing that teachers must remain central to the learning process even as AI tools expand across classrooms.

Furthermore, the Council has highlighted several major risks associated with AI integration, including misinformation, algorithmic bias, unequal access to digital resources, excessive technological dependence, and data protection concerns.

Importantly, the Council has not framed AI literacy as a purely technical matter. Instead, European policymakers have emphasised critical reflection, ethical understanding, and responsible digital citizenship. Teachers are described not merely as users of AI systems, but as guides capable of helping students understand limitations, biases, and broader societal implications.

That distinction is critical. AI literacy cannot simply mean learning how to use AI tools productively. Communities also need to understand how such systems influence perception, automate decisions, and shape public discourse. Without these skills, populations may struggle to distinguish authentic information from synthetic manipulation.

As such, digital literacy increasingly intersects with cyber resilience. Individuals and organisations need to understand the emerging threats connected to synthetic media, AI-driven fraud, deepfake impersonation, and automated social engineering techniques.

Education systems are the first line of defence

Schools and universities are gradually becoming central pillars of digital resilience strategies. Educational institutions are expected to prepare students not only for labour markets shaped by AI but also for digital societies susceptible to manipulation and polarisation.

That challenge places considerable pressure on teachers. Many education systems still struggle with uneven digital infrastructure, insufficient training, and outdated curricula. AI adoption risks widening those gaps if implementation occurs without adequate preparation.

UNESCO initiatives reflect similar priorities globally. In Tanzania, UNESCO supported ICT teacher training programmes involving 139 ICT master trainers across 20 regions. 15 online ICT modules were integrated into broader professional development systems, helping educators build long-term digital competencies rather than relying on isolated workshops.

Such efforts reveal an important reality often overlooked in AI discussions. Technology alone does not transform education. Institutional capacity, teacher confidence, curriculum design, and long-term support mechanisms remain equally important.

 Female, Girl, Person, Teen, Pen, Head, Computer, Electronics, Laptop, Pc, Face, Writing, Ylona Garcia

Education systems also face a delicate balancing act. AI tools may improve accessibility, personalise learning experiences, and reduce administrative burdens. At the same time, overreliance on automation could weaken concentration, analytical thinking, and independent problem-solving abilities among students.

Several governments are therefore attempting to preserve human oversight while embracing technological innovation. European frameworks increasingly stress ‘digital humanism’, ensuring that AI systems support rather than replace human agency and democratic values.

Misinformation and civic resilience

The relationship between digital literacy and democratic resilience is becoming increasingly direct. Misinformation campaigns no longer operate only through fringe websites or isolated propaganda channels. False narratives now spread through mainstream social platforms, encrypted messaging applications, short-form video systems, and AI-generated media.

UNESCO’s ‘Share Responsibly’ campaign in Lebanon illustrates how policymakers are attempting to address misinformation as a social behaviour problem, not just a technological issue. Rather than focusing exclusively on platforms, the campaign highlights everyday spaces such as taxis, shops, and public areas where digital misinformation circulates through ordinary conversations and social sharing practices.

UNESCO and Lebanon launch national campaign promoting media literacy and responsible information sharing.

This approach, among other national and institutional initiatives (EU, governments, etc), recognises an important reality: misinformation spreads because people trust familiar networks and emotionally engaging narratives. Digital literacy, therefore, requires behavioural and cultural dimensions alongside technical awareness.

AI further complicates this dynamic. Synthetic voices, realistic avatars, and automated content generation systems can manufacture the illusion of public consensus. Information operations become more scalable, more personalised, and potentially more persuasive.

Growing concerns around online radicalisation, conspiracy movements, and digital polarisation explain why many governments now frame digital literacy as part of broader societal resilience strategies. Citizens capable of critically assessing digital content are less vulnerable to manipulation, foreign influence operations, and emotionally driven misinformation ecosystems.

Platform design and user autonomy

Digital literacy alone cannot solve the structural problems embedded in digital platforms themselves. Society may develop stronger critical thinking skills while remaining exposed to systems intentionally designed to maximise engagement, emotional reaction, and behavioural influence.

Regulators are increasingly recognising that platform architecture matters as much as user education.

European regulators have intensified scrutiny of recommender systems, addictive platform features, and manipulative interface design. Investigations involving major technology firms increasingly focus on algorithmic amplification, dark patterns, and risks connected to minors’ online experiences.

The UK’s Ofcom has also strengthened its focus on online safety obligations involving children, illegal content, and algorithmic harms under the Online Safety Act. Such initiatives reflect a growing understanding that digital literacy must be paired with platform accountability.

UK child safety enforcement expands as Ofcom investigates adult sites over age-check compliance.

Individuals cannot realistically bear the full responsibility of navigating opaque recommendation systems, behavioural targeting mechanisms, and AI-driven engagement architectures alone. Effective digital governance requires a dual approach: empowering users while regulating platform behaviour.

That broader regulatory environment is reshaping the way policymakers think about digital citizenship. Instead of assuming neutral technological environments, governments increasingly recognise that digital systems actively influence behaviour, attention, and perception.

AI literacy and the future workforce

Digital literacy debates increasingly extend beyond democratic resilience into labour markets and economic competitiveness. AI systems are transforming workplaces across industries, forcing workers to adapt continuously to changing technological environments.

The World Economic Forum has argued that organisations succeeding with AI are redesigning workflows around human-machine collaboration rather than simply deploying technology. HR leaders are increasingly expected to oversee continuous learning systems, workforce adaptation, and AI-related reskilling strategies.

 Adult, Female, Person, Woman, Male, Man, Indoors, Plant, Executive, Computer Hardware, Electronics, Hardware, Monitor, Screen, Face, Head, Furniture, Mobile Phone, Phone, Computer, Laptop, Pc, Cup, Chair, Ray Caesar

Research by the International Labour Organization similarly highlights growing risks of inequality if lifelong learning systems fail to evolve quickly enough. Workers lacking digital and AI-related skills may face exclusion from emerging labour markets, while technological concentration could deepen economic disparities between regions and social groups.

Such developments demonstrate that digital literacy is no longer confined to classrooms. Governments increasingly view AI and digital competencies as long-term economic infrastructure linked to productivity, competitiveness, and social stability.

National frameworks and international governance

As highlighted previously, the growing strategic importance of digital literacy is visible across national and international governance frameworks. UNESCO, the EU, Canada, China, Australia, and multiple other jurisdictions are integrating AI literacy, ethical governance, and digital resilience into broader policy agendas.

China has recently launched pilot programmes for AI ethics review and governance services, focusing on risks such as algorithmic discrimination and emotional dependence. European institutions continue to expand AI education frameworks and digital rights protections.

Despite different political systems and regulatory philosophies, many governments are converging around similar concerns. AI systems simultaneously influence education, labour markets, information ecosystems, public trust, cybersecurity, and democratic participation.

That convergence explains why digital literacy is now being discussed alongside concepts such as strategic autonomy, societal resilience, and democratic stability.

Limitations and unresolved tensions

Digital literacy initiatives nevertheless face important limitations. Awareness campaigns alone cannot resolve structural inequalities, opaque algorithms, or concentrated technological power.

There is also a risk that governments and technology firms will frame digital literacy as an individual responsibility, avoiding deeper questions about platform incentives, surveillance-based business models, and algorithmic amplification.

Citizens cannot realistically detect every deepfake, evaluate every manipulated narrative, or fully understand every AI system they encounter. Excessive reliance on individual vigilance may therefore create unrealistic expectations.

Educational inequalities present another major challenge. Wealthier regions often have stronger infrastructure, better-trained educators, and greater institutional capacity to adapt curricula. Less developed areas may struggle to implement sophisticated AI literacy programmes, potentially widening global and domestic divides.

In conclusion, digital literacy is gradually evolving into one of the defining governance challenges of the AI era. Connectivity alone no longer guarantees meaningful participation in digital societies shaped by algorithms, synthetic media, and automated systems.

Governments, regulators, and international organisations are now recognising that societies require more than infrastructure and access. Citizens need the capacity to critically evaluate information, understand AI systems, recognise manipulation, and participate responsibly in digital environments.

The next phase of digital transformation will therefore not be defined solely by technological sophistication. It will instead depend on whether societies can develop individuals capable of understanding, questioning, and shaping ever more powerful digital systems rather than passively consuming them.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

OpenAI sued over alleged ChatGPT role in Florida State University shooting

The family of a victim killed in the April 2025 Florida State University shooting has filed a federal lawsuit in Florida against OpenAI, alleging that ChatGPT enabled the attack. The lawsuit was filed on Sunday by Vandana Joshi, the widow of Tiru Chabba, who was killed alongside university dining director Robert Morales.

The complaint states that the accused shooter, Phoenix Ikner, engaged in extensive conversations with ChatGPT months before leading up to the incident. According to the suit, those exchanges included images and discussions about firearms he had acquired, ideological material, ideological far-right beliefs, and possible outcomes of violent attacks.

The chatbot is further accused of providing contextual information about campus activity and commenting on factors that could increase public attention in violent incidents. This is indicated by the fact that at one point, ChatGPT said, ‘if children are involved, even 2-3 victims can draw more attention’. The filing also claims Ikner asked about legal consequences and planning considerations shortly before the attack.

The lawsuit contends that OpenAI failed to identify escalating risk indicators within the conversations and did not adequately prevent harmful guidance. It argues the system ‘failed to connect the dots’ despite Ikner’s repeated questions about suicide, terrorism and mass shootings.

OpenAI has rejected responsibility for the attack, claiming its platform is not to blame. Company spokesperson Drew Pusateri said ChatGPT generated factual responses that could be found broadly across publicly available information and did not encourage or promote illegal activity. He also stated that OpenAI continues to strengthen safeguards to identify harmful intent, reduce misuse and respond appropriately when safety risks arise.

Joshi’s complaint argues that the system reinforced the shooter’s beliefs and failed to interrupt conversations involving violent ideation. The filing alleges the ChatGPT inflamed, validated and endorsed delusional thinking and contributed to planning discussions while ‘convincing him that violent acts can be required to bring about change’.

The lawsuit forms part of a broader wave of litigation involving AI systems and alleged harm. OpenAI is already facing separate lawsuits linked to incidents involving violence and suicide, raising wider questions about safeguards and user protection

Florida’s Attorney General James Uthmeier announced a criminal investigation into OpenAI and ChatGPT following a review of chat logs connected to the case. Uthmeier said in a statement that ‘If ChatGPT is a person it would be facing charges for murder’.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!

Agentic AI and the future of cybersecurity

With the rapid expansion of AI technologies, agentic AI is rapidly moving from experimentation to deployment on a scale larger than ever before. As a result, these systems have been given far greater autonomy to perform tasks with limited human input, much to the delight of enterprise magnates.

Companies such as Microsoft, Google, Anthropic, and OpenAI are increasingly developing agentic AI systems capable of automating vulnerability detection, incident response, code analysis, and other security tasks traditionally handled by human teams.

The appeal of using agentic AI as a first line of defence is palpable, as cybersecurity teams face mounting pressure from the growing volume of attacks. According to the Microsoft Digital Defense Report 2025, the company now detects more than 600 million cyberattacks daily, ranging from ransomware and phishing campaigns to identity attacks. Additionally, the International Monetary Fund has also warned that cyber incidents have more than doubled since the COVID-19 pandemic, potentially triggering institutional failures and incurring enormous financial losses.

To add insult to injury, ransomware groups such as Conti, LockBit, and Salt Typhoon have shown increased activity from 2024 through early 2026, targeting critical infrastructure and global communications, as if aware of the upcoming cybersecurity fortifications and using a limited window of time to incur as much damage as possible.

In such circumstances, fully embracing agentic AI may seem like an ideal answer to the cybersecurity challenges looming on the horizon. Systems capable of autonomously detecting threats, analysing vulnerabilities, and accelerating response times could significantly strengthen cyber resilience.

Yet the same autonomy that makes these systems attractive to defenders could also be exploited by malicious actors. If agentic AI becomes a defining feature of cyber defence, policymakers and companies may soon face a more difficult question: how can they maximise its benefits without creating an entirely new layer of cyber risk?

Why cybersecurity is turning to agentic AI

The growing interest in agentic AI is not simply driven by the rise in cyber threats. It is also a response to the operational limitations of modern security teams, which are often overwhelmed by repetitive tasks that consume time and resources.

Security analysts routinely handle phishing alerts, identity verification requests, vulnerability assessments, patch management, and incident prioritisation — processes that can become difficult to manage at scale. Many of these tasks require speed rather than strategic decision-making, creating a natural opening for AI systems to operate with greater autonomy.

Microsoft has aggressively moved into this space. In March 2025, the company introduced Security Copilot agents designed to autonomously handle phishing triage, data security investigations, and identity management. Rather than replacing human analysts, Microsoft positioned the tools to reduce repetitive workloads and enable security teams to focus on more complex threats.

Google has approached the issue through vulnerability research. Through Project Naptime, the company demonstrated how AI systems could replicate parts of the workflow traditionally handled by human security researchers by identifying vulnerabilities, testing hypotheses, and reproducing findings.

Anthropic introduced another layer of complexity through Claude Mythos, a model built for high-risk cybersecurity tasks. While the company presented the model as a controlled release for defensive purposes, the announcement also highlighted how advanced cyber capabilities are becoming increasingly embedded in frontier AI systems.

Meanwhile, OpenAI has expanded partnerships with cybersecurity organisations and broadened access to specialised tools for defenders, signalling that major AI firms increasingly view cybersecurity as one of the most commercially viable applications for autonomous systems.

Together, these developments show that agentic AI is gradually becoming embedded in the cybersecurity infrastructure. For many companies, the question is no longer whether autonomous systems can support cyber defence, but how much responsibility they should be given.

When agentic AI tools become offensive weapons

The same capabilities that make agentic AI valuable to defenders also make it attractive to malicious actors. Systems designed to identify vulnerabilities, analyse code, automate workflows, and accelerate decision-making can be repurposed for offensive cyber operations.

Anthropic offered one of the clearest examples of that risk when it disclosed that malicious actors had used Claude in cyber campaigns. The company said attackers were not simply using the model for basic assistance, but were integrating it into broader operational workflows. The incident showed how agentic AI can move cyber misuse beyond advice and into execution.

The risk extends beyond large-scale cyber operations. Agentic AI systems could make phishing campaigns more scalable, automate reconnaissance, accelerate vulnerability discovery, and reduce the technical expertise needed to launch certain attacks. Tasks that once required specialist teams could become easier to coordinate through autonomous systems.

Security researchers have repeatedly warned that generative AI is already making social engineering more convincing through realistic phishing emails, cloned voices, and synthetic identities. More autonomous systems could further push those risks by combining content generation with independent action.

The concern is not that agentic AI will replace human hackers. Cybercrime could become faster, cheaper, and more scalable, mirroring the same efficiencies that organisations hope to achieve through AI-powered defence.

The agentic AI governance gap

The governance challenge surrounding agentic AI is no longer theoretical. As autonomous systems gain access to internal networks, cloud infrastructure, code repositories, and sensitive datasets, companies and regulators are being forced to confront risks that existing cybersecurity frameworks were not designed to manage.

Policymakers are starting to respond. In February 2026, the US National Institute of Standards and Technology (NIST) launched its AI Agent Standards Initiative, focused on identity verification and authentication frameworks for AI agents operating across digital environments. The aim is simple but important: organisations need to know which agents can be trusted, what they are allowed to do, and how their actions can be traced.

Governments are also becoming more cautious about deployment risks. In May 2026, the Cybersecurity and Infrastructure Security Agency (CISA) joined cybersecurity agencies from Australia, Canada, New Zealand, and the United Kingdom in issuing guidance on the secure adoption of agentic AI services. The warning was clear: autonomous systems become more dangerous when they are connected to sensitive infrastructure, external tools, and internal permissions.

The private sector is adjusting as well. Companies are increasingly discussing safeguards such as restricted permissions, audit logs, human approval checkpoints, and sandboxed environments to limit the degree of autonomy granted to AI agents.

The questions facing businesses are becoming practical. Should an AI agent be allowed to patch vulnerabilities without approval? Can it disable accounts, quarantine systems, or modify infrastructure independently? Who is held accountable when an autonomous system makes the wrong decision?

Agentic AI may become one of cybersecurity’s most effective defensive tools. Its success, however, will depend on whether governance frameworks evolve quickly enough to keep pace with the technology itself.

How companies are building guardrails around agentic AI

As concerns around autonomous cyber systems grow, companies are increasingly experimenting with safeguards designed to prevent agentic AI from becoming an uncontrolled risk. Rather than granting unrestricted access, many organisations are limiting what AI agents can see, what systems they can interact with, and what actions they can execute without human approval.

Anthropic has restricted access to Claude Mythos over concerns about offensive misuse, while OpenAI has recently expanded its Trusted Access for Cyber programme to provide vetted defenders with broader access to advanced cyber tools. Both approaches reflect a growing consensus that powerful cyber capabilities may require tiered access rather than unrestricted deployment.

The broader industry is moving in a similar direction. CrowdStrike has increasingly integrated AI-driven automation into threat intelligence and incident response workflows while maintaining human oversight for critical decisions. Palo Alto Networks has also expanded its AI-powered security automation tools designed to reduce response times without fully removing human analysts from the decision-making process.

Cloud providers are also becoming more cautious about autonomous access. Amazon Web Services, Google Cloud, and Microsoft Azure have increasingly emphasised zero-trust security models, role-based permissions, and segmented access controls as enterprises deploy more automated tools across sensitive infrastructure.

Meanwhile, sectors such as finance, healthcare, and critical infrastructure remain particularly cautious about fully autonomous deployment due to the potential consequences of false positives, accidental shutdowns, or disruptions to essential services.

As a result, security teams are increasingly discussing safeguards such as audit logs, sandboxed environments, role-based permissions, staged deployments, and human approval checkpoints to balance speed with accountability. For now, many companies seem ready to embrace agentic AI, but without keeping one hand on the emergency brake.

The future of cybersecurity may be agentic

Agentic AI is unlikely to remain a niche experiment for long. The scale of modern cyber threats, combined with the mounting pressure on security teams, means organisations will continue to look for faster and more scalable defensive tools.

That shift could significantly improve cybersecurity resilience. Autonomous systems may help organisations detect threats earlier, reduce response times, address workforce shortages, and manage the growing volume of attacks that human teams increasingly struggle to handle alone.

At the same time, the technology’s long-term success will depend as much on restraint as on innovation. Without clear governance frameworks, operational safeguards, and human oversight, the same tools designed to strengthen cyber defence could introduce entirely new vulnerabilities.

The future of cybersecurity may increasingly belong to agentic AI. Whether that future becomes safer or more volatile may depend on how responsibly governments, companies, and security teams manage the transition.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!


Why DeepSeek V4 is changing the AI model race

DeepSeek has again placed itself at the centre of the global AI race. After drawing worldwide attention with its R1 reasoning model in early 2025, the Chinese company has recently released DeepSeek V4, a new model designed to compete not only on performance, but also on price, openness and efficiency.

The hype around DeepSeek V4 is not based on a single feature. The model comes with a 1 million-token context window, open weights, two versions for different use cases and a strong focus on agentic workflows such as coding, research, document analysis and long-running tasks. In a market still dominated by expensive closed models, DeepSeek is trying to prove that powerful AI does not need to remain locked behind trademarked systems.

A model built for long memory

The most immediate difference between DeepSeek V4 and other models is context length. Both DeepSeek-V4-Pro and DeepSeek-V4-Flash support a 1-million-token context window, meaning they can process inputs far longer than those of older generations of mainstream models. According to DeepSeek’s official release, one million tokens is now the default across all official DeepSeek services.

For ordinary users, that may sound technical. In practice, it matters because a longer context allows models to work with large documents, long conversations, full codebases, legal materials, research archives or complex project histories without losing track as quickly.

That is why DeepSeek V4 is not just another chatbot release. It is aimed at the next stage of AI use, where models are expected to act less like question-answering tools and more like assistants that can follow long processes over time.

Two models for two different needs

DeepSeek V4 comes in two main versions. DeepSeek-V4-Pro is a larger and more capable model, with 1.6 trillion total parameters and 49 billion active parameters. DeepSeek-V4-Flash is a smaller model, with 284 billion total parameters and 13 billion active parameters, designed for faster and more cost-effective workloads.

That distinction is important. Not every user needs the strongest model for every task. A company summarising documents, routing queries or running basic support may choose Flash. A developer working on complex coding tasks, long-context agents or advanced reasoning may prefer Pro.

DeepSeek’s release reflects a broader trend in AI. The best model is no longer always the biggest one. Cost, speed, context size and deployment flexibility are now as important as raw benchmark performance.

Why the price matters

One reason DeepSeek attracts so much attention is its aggressive pricing. DeepSeek’s API page lists V4-Flash at USD 0.14 per 1 million input tokens on a cache miss and USD 0.28 per 1 million output tokens. V4-Pro is listed at USD 1.74 per 1 million input tokens and USD 3.48 per 1 million output tokens before the temporary 75% discount.

For developers and companies, that changes the calculation. High-performing AI models are useful only if they can be deployed at scale. If every long document, coding session or agentic workflow becomes too expensive, adoption slows down.

DeepSeek’s challenge to the market is therefore not only technical. It is economic. The company is pushing the idea that frontier-level AI should be cheaper to run, easier to access and less dependent on closed ecosystems.

The architecture behind the hype

DeepSeek V4 uses a mixture-of-experts approach, meaning only part of the model is active during each response. That helps explain why the model can be very large on paper, yet still more efficient to run than a dense model of similar overall size.

The more interesting part is how DeepSeek handles long context. NVIDIA’s technical overview explains that DeepSeek V4 uses hybrid attention, combining compression and selective attention techniques to reduce the cost of processing very long prompts. NVIDIA says these changes are designed to cut per-token inference FLOPs by 73% and reduce KV cache memory burden by 90% compared with DeepSeek-V3.2.

For a non-technical audience, the point is simple. DeepSeek V4 is trying to solve one of the biggest problems in modern AI: how to make models remember and process much more information without becoming too slow or too expensive.

That is where much of the hype comes from. The model is not merely larger. It is designed around the economics of long-context AI.

Why NVIDIA is still in the picture

DeepSeek’s R2 launch is delayed as US restrictions cut off supply of NVIDIA H20 chips built for China.

NVIDIA’s role in the DeepSeek V4 story is especially interesting. DeepSeek is often discussed as part of China’s effort to build a more independent AI ecosystem, but NVIDIA has also been quick to move forward to support developers who want to build with the model.

In its technical blog, NVIDIA describes DeepSeek V4 as a model family designed for efficient inference of million-token contexts. The company says DeepSeek-V4-Pro and V4-Flash are available through NVIDIA GPU-accelerated endpoints, while developers can also use NVIDIA Blackwell, NIM containers, SGLang and vLLM deployment options.

NVIDIA also reports that early tests of DeepSeek-V4-Pro on the GB200 NVL72 platform showed more than 150 tokens per second per user. That matters because long-context models place heavy memory pressure, as well as on compute and networking infrastructure. The model may be efficient by design, but serving it at scale still requires serious hardware.

So, DeepSeek V4 does not remove NVIDIA from the story – it complicates it. The model is part of a broader push towards more efficient AI, but the infrastructure race remains central.

The chip question behind the model

DeepSeek V4 also arrives at a time when AI infrastructure is becoming just as important as model performance. MIT Technology Review frames the release partly through that lens, noting that DeepSeek’s new model reflects China’s broader attempt to reduce reliance on foreign AI hardware and build a more self-sufficient technology stack.

That detail matters because the AI race is no longer only about who builds the most capable model. It is also about who controls the chips, software frameworks and data centres needed to run it.

Replacing NVIDIA, however, remains difficult. Its advantage lies not just in its chips, but also in the software ecosystem developers have built around its platforms over many years. Moving to alternative hardware means adapting code, rebuilding tools and proving that the new systems are stable enough for serious use.

DeepSeek V4, however, sits between two realities. It points towards China’s ambition to build a more independent AI stack, while NVIDIA’s rapid support for the model shows that frontier AI still depends heavily on established infrastructure.

Open weights as a strategic move

DeepSeek V4 is also important because the model weights are available through Hugging Face under the MIT License. That gives developers more freedom to inspect, adapt and deploy the model than they would have with a fully closed commercial system.

Open-weight models are becoming a major pressure point in the AI race. Closed models may still lead in some areas, especially in polished consumer products, enterprise support and safety layers. However, open models offer something different: flexibility.

For universities, start-ups, smaller companies and developers outside the largest AI ecosystems, that flexibility matters. It means advanced AI can be tested, modified and integrated without relying entirely on a handful of dominant providers.

Benchmarks need caution

DeepSeek presents V4-Pro as highly competitive across reasoning, coding, long-context and agentic benchmarks. Hugging Face lists results including 80.6 on SWE-bench Verified, 90.1 on GPQA Diamond and 87.5 on MMLU-Pro for DeepSeek-V4-Pro.

Those numbers are impressive, but they should not be treated as the full story. Benchmarks are useful, but they rarely capture every real-world use case. A model can score well on coding tests and still struggle with reliability, factual accuracy, safety or complex multi-step workflows in production.

That caution is important. The AI industry often turns benchmarks into headlines, while real performance depends on deployment, prompting, safety controls and the specific task at hand.

More than just another model release

DeepSeek V4 matters because it combines several trends into one release: long context, lower prices, open weights, agentic workflows and geopolitical competition. It also shows that the AI race is no longer fought only in labs, benchmarks and data centres. Visibility now matters too. Tools such as Diplo’s Digital Footprints show how digital presence shapes the way technology actors and media narratives are discovered, ranked and understood. At this stage, the competition is not only about who has the smartest model. It is also about who can make intelligence cheaper, more available and easier to deploy.

That does not mean DeepSeek has solved every problem. Questions remain around independent benchmarking, safety, data governance, infrastructure and the broader political context of Chinese AI development. Still, the release does show where the market is heading.

The next phase of AI may not be defined solely by the most powerful model. It may be defined by the model that is powerful enough, affordable enough and open enough to change how people build products, services and tools with AI.

Would you like to learn more about AI, tech, and digital diplomacy? If so, ask our Diplo chatbot!